Policies & Standards

Policies & Standards

This section includes all IT policies, guidelines, best practices, standards and service level agreements.


Information security is governed by SJSU’s Information Security Program [pdf] and Responsible Use Policy. To help safeguard and secure campus information, all users and departments are required to adhere to these policies and standards or to request an exception. Please report suspected violations, questions and comments to security@sjsu.edu.

A—Z List


Airwave Standard [pdf]

This standard outlines the roles, processes, requirements and restrictions surrounding 802.11 wireless (Wi-Fi) networks.


Data Classification Best Practices

These best practices help prevent inappropriate disclosure (intentional or accidental) of confidential information, which can lead to fraud or identity theft.

Information Classification and Handling Cheat Sheet [docx]

Governed by the Institutional Data Management Counsel, the Information Classification and Handling Standard defines the requirements for assigning, maintaining classification settings, and handling sensitive information for all SJSU’s computer and communication system information, with the goal of safeguarding the confidentiality, integrity, and availability of information stored, processed, and transmitted by SJSU.

Data Network Wiring Standards [pdf]

These standards are for technical staff and contractors and include information about wiring, quality assurance, products and installation standards.


Email Best Practices

These best practices include advice for using email, managing attachments, managing junk mail, and what to do when you're away from campus.


Firewall Best Practices

These best practices are for technical staff and include information about services that are prohibited and blocked (both inbound and outbound) on the campus perimeter firewall.


Incident Response Protocol

This protocol explains what to do if you discover an information or data security breach.

Information Security Program [pdf]

This program provides direction for managing and protecting the confidentiality, integrity and availability of SJSU information assets.


Network Patch Service Level Agreements

These agreements contain information for technical staff about submitting requests for new patch cord installations in campus network closets.


Patch Management Best Practices

These best practices were implemented to minimize the number of software vulnerabilities on telecommunications and network-connected computer information systems.


Responsible Use Policy

This policy is intended to define, promote and encourage responsible use of CSU and campus information assets on the campuses and among members of the campus community.


Safe Computing Guidelines [pdf]

Follow these guidelines to keep your computer safe and prevent it from becoming compromised.

Security Awareness Training Policy

This policy ensures users are aware of threats against systems and information and how to protect the confidentiality, integrity and availability of San José State data.

Standard Workstation Configurations

Device configurations for PC deskktop Workstations, Mac desktop workstations, mobile tablets, and monitors.

Student Email Usage Guidelines

These guidelines describe student responsibilities in the use of their SJSU email accounts, and for reading and heeding email sent to them.


Telecommunication Spaces [pdf]

These standards are for technical staff and include information about the installation of telecommunications equipment on campus.

Telephone Service, Pathways and Wiring Standards [pdf]

These standards are for technical staff and include information about the installation of telephones on campus.

Telephony Rules and Policies

These rules and policies define prohibitions and considerations for personal use of state telephones.


Workstation Hardware Standard [pdf]

Specifications for the purchase of workstation hardware purchased by operational-fund, self-support and auxiliary units.